/**
 * Removes the property described by {@code propDef} from the resource addressed by the
 * current request and stores the resource. When the resource does not carry that
 * property nothing is modified and no store happens.
 *
 * <p>The repository is accessed with the token of the current {@link SecurityContext}, so
 * the caller's permissions are what govern whether the store is allowed.
 *
 * @param propDef the property type to remove
 * @throws Exception whatever the repository throws on retrieve or store
 */
public void removePropertyValue(PropertyTypeDefinition propDef) throws Exception {
   RequestContext ctx = RequestContext.getRequestContext();
   Repository repo = ctx.getRepository();
   String token = SecurityContext.getSecurityContext().getToken();
   Path uri = ctx.getResourceURI();
   Resource resource = repo.retrieve(token, uri, true);
   // Absent property: nothing to remove, and we deliberately skip the store as well.
   if (resource.getProperty(propDef) == null) {
     return;
   }
   resource.removeProperty(propDef);
   repo.store(token, resource);
}
/**
 * Sets the date-valued property described by {@code datePropDef} on the resource addressed
 * by the current request to {@code date} and stores the resource. If the resource does not
 * yet carry the property, it is created from the definition and attached first.
 *
 * <p>The repository is accessed with the token of the current {@link SecurityContext}.
 *
 * @param datePropDef the date-valued property type to set
 * @param date the value to store
 * @throws Exception whatever the repository throws on retrieve or store
 */
public void setPropertyDateValue(PropertyTypeDefinition datePropDef, Date date) throws Exception {
   RequestContext ctx = RequestContext.getRequestContext();
   Repository repo = ctx.getRepository();
   String token = SecurityContext.getSecurityContext().getToken();
   Path uri = ctx.getResourceURI();
   Resource resource = repo.retrieve(token, uri, true);
   Property existing = resource.getProperty(datePropDef);
   Property target;
   if (existing != null) {
     target = existing;
   } else {
     // No such property on the resource yet: create it and attach it before setting the value.
     target = datePropDef.createProperty();
     resource.addProperty(target);
   }
   target.setDateValue(date);
   repo.store(token, resource);
}
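   /**
    * Digest post-authentication hook. Once a principal has been established for the request,
    * and when {@code maintainState} is on, the server-side state entry keyed by the client's
    * {@code nonce} and {@code opaque} is consumed, re-keyed under a freshly generated nonce, and
    * the new nonce is advertised to the client in an {@code Authentication-Info} header.
    *
    * <p>Only the {@code nonce} and {@code opaque} fields are read from the header; they are
    * attacker-controlled strings and are used solely as a lookup key into {@code stateMap}, so
    * an unknown key simply yields no entry.
    *
    * @param req the request carrying the {@code Authorization: Digest ...} header
    * @param resp the response on which {@code Authentication-Info} is set
    * @return always {@code false}; every path of the original returned {@code false} and the
    *     meaning of the flag is defined by the caller (not visible here), so that is preserved
    */
   public boolean postAuthentication(HttpServletRequest req, HttpServletResponse resp) {

     String authHeader = req.getHeader("Authorization");
     if (authHeader == null) {
       return false;
     }

     // The original skipped "Digest: ".length() - 1 == 7 characters (i.e. "Digest ") without
     // checking that the header was that long, so any client could trigger an uncaught
     // StringIndexOutOfBoundsException with a short Authorization value. Require the Digest
     // scheme (scheme names are case-insensitive) and enough length before slicing.
     final String scheme = "Digest";
     final int prefixLength = "Digest ".length();
     if (authHeader.length() < prefixLength
         || !authHeader.regionMatches(true, 0, scheme, 0, scheme.length())) {
       return false;
     }
     String headerFields = authHeader.substring(prefixLength);

     String nonce = HttpUtil.extractHeaderField(headerFields, "nonce");
     String opaque = HttpUtil.extractHeaderField(headerFields, "opaque");
     if (nonce == null || opaque == null) {
       return false;
     }

     Principal principal = SecurityContext.getSecurityContext().getPrincipal();
     if (principal == null) {
       return false;
     }

     if (this.maintainState) {

       // Consume the entry under the old key; a miss means we never issued this nonce/opaque
       // pair (or it was already used), so there is no state to rotate.
       // NOTE(review): the type of stateMap is not visible here; remove()+put() is only safe
       // under concurrent requests if it is a concurrent map — confirm.
       StateEntry entry = (StateEntry) this.stateMap.remove(nonce + ":" + opaque);
       if (entry == null) {
         return false;
       }
       Date timestamp = new Date();
       String nextNonce = this.generateNonce();
       entry.setUsername(principal.getQualifiedName());
       entry.setNonce(nextNonce);
       entry.setTimestamp(timestamp);
       entry.setNonceCount(entry.getNonceCount() + 1);
       entry.setStale(false);

       this.stateMap.put(nextNonce + ":" + opaque, entry);
       // NOTE(review): RFC 2617/7616 define nextnonce as a quoted-string; the value is sent
       // unquoted here, as in the original — confirm the clients in use accept that.
       resp.addHeader("Authentication-Info", "nextnonce=" + nextNonce);
     }

     return false;
   }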
 /**
  * Tears down the request's security context: logs which context is being dropped (debug
  * level only) and then clears it.
  *
  * @see vtk.web.ContextInitializer#destroyContext()
  */
 public void destroyContext() {
   boolean debug = logger.isDebugEnabled();
   if (debug) {
     SecurityContext current = SecurityContext.getSecurityContext();
     logger.debug("Destroying security context: " + current);
   }
   SecurityContext.setSecurityContext(null);
 }
   /**
    * Logs the client out of the authentication system. Looks up the {@link AuthenticationHandler}
    * that owns the current token, runs its {@link AuthenticationHandler#logout logout}, then
    * removes the token from the {@link TokenManager} and clears the {@link SecurityContext}.
    * When {@code rememberAuthMethod} is on, the SP/IdP auth-method cookies (and, if
    * {@code cookieLinksEnabled}, the link cookie) are expired on the response.
    *
    * <p>Caveats a reviewer should be aware of:
    * <ul>
    *   <li>The token is removed and the context cleared only after the handler's logout has
    *       returned; if the handler throws, server-side state is left in place.</li>
    *   <li>The servlet {@code HttpSession} is not invalidated here (contrast
    *       {@code removeAuthState}); whether the handler does so is not visible in this file.</li>
    *   <li>A cookie is only cleared by the browser if name, path and domain match the cookie as
    *       it was originally set; the {@code Secure} and domain attributes applied below are
    *       presumably how the SP/IdP cookies are issued — verify against that code.</li>
    * </ul>
    *
    * @param request the request
    * @param response the response
    * @return the return value of the authentication handler's <code>logout()</code> method;
    *     {@code false} if there is no security context or no principal
    * @throws AuthenticationProcessingException if an underlying problem prevented the request from
    *     being processed
    * @throws IOException
    * @throws ServletException
    * @see AuthenticationHandler#logout
    */
   public boolean logout(HttpServletRequest request, HttpServletResponse response)
       throws AuthenticationProcessingException, ServletException, IOException {

     if (!SecurityContext.exists()) {
       return false;
     }
     SecurityContext ctx = SecurityContext.getSecurityContext();
     Principal principal = ctx.getPrincipal();
     if (principal == null) {
       return false;
     }
     AuthenticationHandler handler = this.tokenManager.getAuthenticationHandler(ctx.getToken());

     // FIXME: what if handler.isLogoutSupported() == false?
     boolean loggedOut = handler.logout(principal, request, response);
     if (authLogger.isDebugEnabled()) {
       StringBuilder msg = new StringBuilder();
       msg.append(request.getRemoteAddr())
           .append(" - request-URI: ")
           .append(request.getRequestURI())
           .append(" - logout_method: Logout: principal: '")
           .append(principal)
           .append("' - method: '")
           .append(handler.getIdentifier())
           .append("' - status: ")
           .append(loggedOut ? "OK" : "FAIL");
       authLogger.debug(msg.toString());
     }

     this.tokenManager.removeToken(ctx.getToken());
     SecurityContext.setSecurityContext(null);

     if (this.rememberAuthMethod) {
       List<String> names = new ArrayList<String>();
       names.add(vrtxAuthSP);
       names.add(uioAuthIDP);
       if (this.cookieLinksEnabled) {
         names.add(VRTXLINK_COOKIE);
       }

       for (String name : names) {
         Cookie existing = getCookie(request, name);
         if (existing == null) {
           continue;
         }
         if (logger.isDebugEnabled()) {
           logger.debug("Deleting cookie " + name);
         }
         // Expire by re-issuing the cookie with max-age 0; attributes must match the original.
         Cookie expired = new Cookie(name, existing.getValue());
         boolean linkCookie = name.equals(VRTXLINK_COOKIE);
         if (!linkCookie) {
           expired.setSecure(true);
         }
         expired.setPath("/");
         if (!linkCookie && this.spCookieDomain != null) {
           expired.setDomain(this.spCookieDomain);
         }
         expired.setMaxAge(0);
         response.addCookie(expired);
       }
     }
     return loggedOut;
   }
   /**
    * Removes authentication state from the authentication system without running the
    * {@link AuthenticationHandler#logout logout} process. The token is dropped from the
    * {@link TokenManager}, the {@link SecurityContext} is cleared, the SP/IdP and link cookies
    * are expired when {@code rememberAuthMethod} is on, and any existing servlet session is
    * invalidated (none is created if the request has none).
    *
    * <p>Note that, unlike {@code logout}, the link cookie is always expired here, and the
    * session is invalidated. A cookie is only cleared by the browser if its name, path and
    * domain match the cookie as originally issued; the attributes below are presumably how
    * those cookies are set — verify against the issuing code.
    *
    * @param request the request
    * @param response the response
    * @return <code>true</code> if any state was removed, <code>false</code> otherwise
    */
   public boolean removeAuthState(HttpServletRequest request, HttpServletResponse response) {
     if (!SecurityContext.exists()) {
       return false;
     }
     SecurityContext ctx = SecurityContext.getSecurityContext();
     Principal principal = ctx.getPrincipal();
     if (principal == null) {
       return false;
     }
     this.tokenManager.removeToken(ctx.getToken());
     SecurityContext.setSecurityContext(null);

     boolean auditDebug = authLogger.isDebugEnabled();
     if (auditDebug) {
       authLogger.debug(
           request.getRemoteAddr()
               + " - request-URI: "
               + request.getRequestURI()
               + " - removeAuthState_method: Logout: principal: '"
               + principal
               + "' - method: '<none>' - status: OK");
     }

     if (this.rememberAuthMethod) {
       // All three cookies are unconditionally expired here (the link cookie is not gated on
       // cookieLinksEnabled, unlike in logout).
       String[] names = {vrtxAuthSP, uioAuthIDP, VRTXLINK_COOKIE};

       for (String name : names) {
         Cookie existing = getCookie(request, name);
         if (existing == null) {
           continue;
         }
         if (logger.isDebugEnabled()) {
           logger.debug("Deleting cookie " + name);
         }
         if (auditDebug) {
           authLogger.debug(
               request.getRemoteAddr()
                   + " - request-URI: "
                   + request.getRequestURI()
                   + " - Deleting cookie "
                   + name);
         }
         Cookie expired = new Cookie(name, existing.getValue());
         boolean linkCookie = name.equals(VRTXLINK_COOKIE);
         if (!linkCookie) {
           expired.setSecure(true);
         }
         expired.setPath("/");
         if (!linkCookie && this.spCookieDomain != null) {
           expired.setDomain(this.spCookieDomain);
         }
         expired.setMaxAge(0);
         response.addCookie(expired);
       }
     }

     // getSession(false) so a logout never creates a fresh session as a side effect.
     HttpSession session = request.getSession(false);
     if (session != null) {
       session.invalidate();
     }

     return true;
   }